Nizamani, Shah Zaman, Hassan, Syed Raheel, Shaikh, Riaz Ahmed ORCID: https://orcid.org/0000-0001-6666-0253, Abozinadah, Ehab Atif and Mehmood, Rashid (2021) A novel hybrid textual-graphical authentication scheme with better security, memorability, and usability. IEEE Access, 9. pp. 51294-51312. ISSN 2169-3536
Preview |
PDF (A_Novel_Hybrid_Textual-Graphical_Authentication_Scheme_With_Better_Security_Memorability_and_Usability)
- Published Version
Available under License Creative Commons Attribution Non-commercial No Derivatives. Download (2MB) | Preview |
Abstract
Despite numerous efforts, developing an authentication scheme that offers strong security while offering memorability and usability remains a grand challenge. In this paper, we propose a textual-graphical hybrid authentication scheme that improves the security, memorability and usability inadequacies of existing authentication schemes. This has been achieved by combining a range of mechanisms together, in a novel manner, to address weaknesses of the existing security schemes. Firstly, two dynamically selectable modes of password entry (Easy Login, and Secure Login) provide a trade-off between usability and security, allowing the user to dynamically switch to any of these methods in real-time based on the security of the surrounding environment (e.g., secure home environment versus insecure public places) or the criticality of the user account (e.g., a bank account). The other mechanisms included a novel use of the drawmetric mechanism for setting the password to improve memorability, multistep authentication, a novel adaptation of one-time password (OTP) concept using a random selection of password elements, random placement of password elements in different steps, assigning random numbers to the password elements to increase security, and use of simple addition to improve security. We have implemented and analysed the proposed scheme for its security against brute-force attacks, dictionary, shoulder surfing, random guessing, phishing or forming, keystroke/mouse logger, and multiple recording attacks. We have also investigated its usability and memorability, reporting various trends of password elements used and the respective authentication times. Moreover, we have compared the proposed scheme with eight other well-known authentication schemes in terms of its resilience and authentication time. The results and analyses demonstrate the effectiveness of the proposed scheme. We believe that a range of novel methods introduced in this proposed scheme opens several doors for innovation in security techniques.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | authentication,graphical passwords,password security,textual passwords,computer science(all),materials science(all),engineering(all) ,/dk/atira/pure/subjectarea/asjc/1700 |
Faculty \ School: | Faculty of Science > School of Computing Sciences |
UEA Research Groups: | Faculty of Science > Research Groups > Cyber Security Privacy and Trust Laboratory |
Related URLs: | |
Depositing User: | LivePure Connector |
Date Deposited: | 30 May 2022 13:30 |
Last Modified: | 02 Sep 2023 01:17 |
URI: | https://ueaeprints.uea.ac.uk/id/eprint/85251 |
DOI: | 10.1109/ACCESS.2021.3069164 |
Downloads
Downloads per month over past year
Actions (login required)
View Item |